Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Security Schemes and Users seeing issues they should not be able to

Jeremy Barnes
Jeremy Barnes August 24, 2018

Hi there, I am struggling right now to understand why some of my users who are not in a user group contained in Security Level A can still see some issues with that Security Level. 

To further illustrate, when I go to Permission Helper and select the affected user I can click on one Issue and it will say they can't access it only because they are not in Security Level A. Then I will choose another Issue with the same user and the Permission Helper will say they can access the Issue specifically because they are in Security Level A.

Would be happy to further describe my setup but as I am new to Security Schemes I first wanted to ask if this should be possible for the Permission Helper to say a user is and isn't in the same Security Level depending on the Issue.

Thanks for your help!

Answer
Watch
Like Be the first to like this
324 views

2 answers

1 accepted

2 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 25, 2018

Your user must match (at least) one of the rules for the level.  My bet would be on the group custom field - it's set to a group your user is in.

View More Comments
Jeremy Barnes
Jeremy Barnes August 29, 2018

Thanks Nic. You were right! The problem was that I created that Group Custom field with a default group value but didn't restrict it's configuration to the specific subtasks I wanted it to apply to. New parent tasks and Epics were created and given that default group value even though the field wasn't accessible on their screens. 

Thanks again!

Like
Reply
0 votes
Jeremy Barnes
Jeremy Barnes August 24, 2018

Just one further comment. Consider Security Level A to have the following Users/Groups/Roles:

  • Current assignee
  • Group (B)
  • Group (C)
  • Group (D)
  • Group (E)
  • Group custom field value (Group Permission)

 

The Issues I've tested do not have the user assigned to either Issue and the Group Permission custom field is not on the screen that applies to these Issues (only on few subtasks).

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security